1
0
mirror of https://github.com/hashcat/hashcat.git synced 2024-12-23 23:19:09 +00:00

Merge pull request #1072 from philsmd/master

-m 11400 = SIP digest authentication (MD5): added bound checks in parser
This commit is contained in:
Jens Steube 2017-02-14 16:01:51 +01:00 committed by GitHub
commit ddace83b41
2 changed files with 8 additions and 0 deletions

View File

@ -78,6 +78,7 @@
- OpenCL Device: Do a check on available constant memory size and abort if it's less than 64kB - OpenCL Device: Do a check on available constant memory size and abort if it's less than 64kB
- File Reads: Improved error detection on file reads, especially when getting the file stats - File Reads: Improved error detection on file reads, especially when getting the file stats
- File Locking: Improved error detection on file locks - File Locking: Improved error detection on file locks
- Hash Parsing: Added additional bound checks for the SIP digest authentication (MD5) parser (-m 11400)
- Sessions: Move out handling of multiple instance from restore file into separate pidfile - Sessions: Move out handling of multiple instance from restore file into separate pidfile
- Threads: Restored strerror as %m is unsupported by the BSDs - Threads: Restored strerror as %m is unsupported by the BSDs
- Wordlists: Fixed memory leak in case access a file in a wordlist folder fails - Wordlists: Fixed memory leak in case access a file in a wordlist folder fails

View File

@ -10998,6 +10998,13 @@ int sip_auth_parse_hash (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_U
u32 md5_max_len = 4 * 64; u32 md5_max_len = 4 * 64;
u32 total_length = method_len + 1 + URI_prefix_len + URI_prefix_len + URI_resource_len + URI_suffix_len + URI_suffix_len;
if (URI_prefix_len) total_length++;
if (URI_suffix_len) total_length++;
if (total_length > md5_max_len) return (PARSER_SALT_LENGTH);
u32 md5_remaining_len = md5_max_len; u32 md5_remaining_len = md5_max_len;
u32 tmp_md5_buf[64] = { 0 }; u32 tmp_md5_buf[64] = { 0 };